asad/oauth2-zoho

Zoho OAuth 2.0 Client Provider for The PHP League OAuth2-Client

Maintainers

Details

github.com/asadku34/oauth2-zoho

Homepage

Source

Issues

Installs: 82 200

Dependents: 1

Suggesters: 0

Security: 0

Stars: 6

Watchers: 1

Forks: 5

Open Issues: 2

1.1.0 2021-03-07 01:55 UTC

Requires

Requires (Dev)

MIT 7ba18024818482ed5a100cc6cd7d3d1a3e3b7a0e

  • Asadur Rahman <asadku34.woop@gamil.com>

authorizationclientoauthoauth2authorisationZoho

This package is auto-updated.

Last update: 2024-04-22 02:56:13 UTC

README

Latest Version on Packagist Build Status Quality Score Total Downloads License

This package provides ZOHO OAuth 2.0 support for the PHP League's OAuth 2.0 Client.

To use this package, it will be necessary to have a ZOHO client ID and client secret. These are referred to as {zoho-client-id} and {zoho-client-secret} in the documentation.

Please follow the ZOHO instructions to create the required credentials.

Installation

You can install the package via composer:

composer require asad/oauth2-zoho

Usage

Authorization Code Flow

use Asad\OAuth2\Client\Provider\Zoho;

$provider = new Zoho([
    'clientId' => '{zoho-client-id}',
    'clientSecret' => '{zoho-client-secret}',
    'redirectUri' => 'http://localhost:8000/zoho/oauth2',
    'dc' => 'AU' //It will be optional if your ZOHO are in US location
]);

if (!isset($_GET['code'])) {
    // If we don't have an authorization code then get one
    $authUrl = $provider->getAuthorizationUrl([
        'scope' => [
            'ZohoCRM.modules.ALL', //Important: Define your data accessability scope here
            'ZohoCRM.settings.ALL',
        ],
        'access_type' => 'offline', //Important: If you want to generate the refresh token, set this value as offline
        'prompt' => 'consent'       //Important: Will not return a refresh token if this is not also set
    ]);

    $_SESSION['oauth2state'] = $provider->getState();
    header('Location: ' . $authUrl);
    exit;

    // Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {

    unset($_SESSION['oauth2state']);
    exit('Invalid state');
} else {

    // Try to get an access token (using the authorization code grant)
    try {
        $token = $provider->getAccessToken('authorization_code', [
            'code' => $_GET['code']
        ]);

        //$user = $provider->getResourceOwner($token);


        echo $access_token = $token->getToken();

        echo $refresh_token = $token->getRefreshToken(); //Save this refresh token to somewehre

        echo $token->getExpires();

    } catch (\Exception $e) {
        //handle you exception
    }
}

Refreshing a Token

Refresh tokens are only provided to applications which request offline access. You can specify offline access by passing the access_type option in your getAuthorizationUrl() request.

use Asad\OAuth2\Client\Provider\Zoho;
use League\OAuth2\Client\Grant\RefreshToken;

$provider = new Zoho([
    'clientId' => '{zoho-client-id}',
    'clientSecret' => '{zoho-client-secret}',
    'dc' => 'AU' //It will be optional if your ZOHO are in US location
]);

$refreshToken = 'FromYourStoredData';
$grant = new RefreshToken();
$token = $provider->getAccessToken($grant, ['refresh_token' => $refreshToken]);

Testing

composer test

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security related issues, please email asadku34@gamil.com instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see License File for more information.